[Solved] Many sites r not opening, not even google

[unknownasphyxiated]

3 hours ago, WAMVN said:

Is this true for Kaspersky ? So we are not secure after all lol.

all AV do that even Adguard

this is the only way to scan https connection

if you don't trust the software, don't enable

[Ice Frog]

7 hours ago, truemate said:

import it from where ??

btw, its already there...

 

If it's already there you can delete it and then import it again from the options present there, must be present in the installation dir itself.

[HX1]

Open Internet Options in Control Panel ( need to use 'small icons to view )..

 

Content Tab and then we will try to 'Clear SSL state' this will clear the cached data ( or possible corrupted data concerning the HTTPS connections which may not load...)

 

You also can open Certificates and go to Trusted Root Certification Authorities find the certificate that is related to the services you have disabled ( if that is what you wish to do ) and remove the Certs.. For example, Adguard Personal CA, and ESET SSL Filter CA... in some cases these are not removed or used.. or need to be reinstalled as mentioned before.. While ALL of said certificates and data can become corrupted, invalid or out-of-date and can cause issues. Microsoft Root Authority certs used to be updated through Microsoft Update and could sometimes cause intermediary issues...

 

I would do a reboot after all of the system changes have been done for your desired configuration and see what happens... You may also want to clear the cache for your browsers as well.. Just in case any are related to old certs... Just an idea.

 

EDIT: Also most of these certs are installed when the programs they are relative to are installed, or the cert is obtained during SSL Handshake.

[macnavarra]

On ‎21‎/‎07‎/‎2016 at 3:51 PM, macnavarra said:

had the same problem I had to choose between eset ssl filtering and adguard ssl filtering I have opted for adguard ssl filtering by enabling adguard ssl filtering and disabled eset ssl filtering the eset version doesn't play any role for that matter.

btw I opt for adguard ssl filtering since eset doesn't  block adds in https sites and http sites.

So I use adguard ssl ceriticates.

other solution is to use only the adguard browser extension or other ad block extension in all browsers except IE11 and EDGE.

 

[BALTAGY]

3 hours ago, macnavarra said:

btw I opt for adguard ssl filtering since eset doesn't  block adds in https sites and http sites.

So I use adguard ssl ceriticates.

other solution is to use only the adguard browser extension or other ad block extension in all browsers except IE11 and EDGE.

 

ESET Smart Security Parental Control block adds both http and https if you have SSL scan enabled

[Sylence]

Is your problem solved?

[LeetPirate]

On 7/24/2016 at 6:33 AM, truemate said:

import it from where ??

 

Open ESET, go to Advanced Setup, then click Web and Email on the left, then scroll down to Root Certificate section on the right, click View Certificate > Details > Copy to File... and manually import it into the browser.

[Holmes]

This worked for me:

 

https://support.mozilla.org/en-US/questions/1028755

 

Go to firefox about:config then look for security.ssl.enable_ocsp_stapling and change the value to false.

[truemate]

On 7/25/2016 at 6:40 AM, HX1 said:

Open Internet Options in Control Panel ( need to use 'small icons to view )..

Content Tab and then we will try to 'Clear SSL state' this will clear the cached data ( or possible corrupted data concerning the HTTPS connections which may not load...)

You also can open Certificates and go to Trusted Root Certification Authorities find the certificate that is related to the services you have disabled ( if that is what you wish to do ) and remove the Certs.. For example, Adguard Personal CA, and ESET SSL Filter CA... in some cases these are not removed or used.. or need to be reinstalled as mentioned before.. While ALL of said certificates and data can become corrupted, invalid or out-of-date and can cause issues. Microsoft Root Authority certs used to be updated through Microsoft Update and could sometimes cause intermediary issues...

 

I would do a reboot after all of the system changes have been done for your desired configuration and see what happens... You may also want to clear the cache for your browsers as well.. Just in case any are related to old certs... Just an idea.

EDIT: Also most of these certs are installed when the programs they are relative to are installed, or the cert is obtained during SSL Handshake.

 

cleared SSL state and follow those steps. still same thing

 

18 hours ago, LeetPirate said:

 

Open ESET, go to Advanced Setup, then click Web and Email on the left, then scroll down to Root Certificate section on the right, click View Certificate > Details > Copy to File... and manually import it into the browser.

 

done this.. still nope.

 

17 hours ago, Holmes said:

This worked for me:

 

https://support.mozilla.org/en-US/questions/1028755

 

Go to firefox about:config then look for security.ssl.enable_ocsp_stapling and change the value to false.

done this too.... changes made to false restarted ff but...

i undo changes.. back to value 'true'.

 

i dont think its browser problem... eset prob

 

 

21 hours ago, saeed_dc said:

Is your problem solved?

No .. yes bro

as by all these methods nothing solved yet.. but by disabling SSL in ess v9  my prob solved.

 

like this...... hope its safe frm malware,virus,trojans while browsing

portable opera in d drive

 

 

most strange/funny part is that eset wont scan for any ssl like things for palemoon.

i use palemoon 26.3 portable & i can browse anything from it........ without any like these issues.

 

 

 

[Sylence]

7 hours ago, truemate said:

 

cleared SSL state and follow those steps. still same thing

 

 

done this.. still nope.

 

done this too.... changes made to false restarted ff but...

i undo changes.. back to value 'true'.

 

i dont think its browser problem... eset prob

 

 

No .. yes bro

as by all these methods nothing solved yet.. but by disabling SSL in ess v9  my prob solved.

 

like this...... hope its safe frm malware,virus,trojans while browsing

portable opera in d drive

 

 

most strange/funny part is that eset wont scan for any ssl like things for palemoon.

i use palemoon 26.3 portable & i can browse anything from it........ without any like these issues.

 

 

 

 

You might wanna try a better software like Kaspersk internet security 2017  

[Holmes]

Eset nodthirtytwo is good its been the king of low false positives for a long time.  If you have to just disable eset ssl filtering for now then enable it again in the future if you dont want to change your browser settings.

[LeetPirate]

I know some people are OCD about this type of thing but nobody needs the ssl filter enabled, if there were a virus it can't execute while encrypted with ssl so what's the point? As soon as the browser decrypts the data and it turns out to be a virus the other scanners will detect it. Why compromise your security by breaking ssl to then pretend you are secure? 

 

If anyone cares to let common sense prevail feel free to read this article: http://www.securityweek.com/antivirus-software-has-negative-impact-https-security-researcher

 

Quote

“I also found a number of other issues. ESET doesn't support TLS 1.2 and therefore uses a less secure encryption algorithm. Avast and ESET don't support OCSP stapling. Kaspersky enables the insecure TLS compression feature that will make a user vulnerable to the CRIME attack,” Böck reported. “Both Avast and Kaspersky accept nonsensical parameters for Diffie Hellman key exchanges with a size of 8 bit. Avast is especially interesting because it bundles the Google Chrome browser. It installs a browser with advanced HTTPS features and lowers its security right away.”

 

Just because ESET is generally a good product does not mean every feature is worth using, that SSL scanning feature is hogwash, just marketing to advertise and not be left out because if everyone else is doing it they need to do it too else illiterate customers will think the product is inferior somehow. It's just like when people go to the market and if there is only 1 fruit left in the box nobody buys it because they think it's inferior.

[BALTAGY]

8 hours ago, LeetPirate said:

I know some people are OCD about this type of thing but nobody needs the ssl filter enabled, if there were a virus it can't execute while encrypted with ssl so what's the point? As soon as the browser decrypts the data and it turns out to be a virus the other scanners will detect it. Why compromise your security by breaking ssl to then pretend you are secure? 

 

If anyone cares to let common sense prevail feel free to read this article: http://www.securityweek.com/antivirus-software-has-negative-impact-https-security-researcher

 

 

Just because ESET is generally a good product does not mean every feature is worth using, that SSL scanning feature is hogwash, just marketing to advertise and not be left out because if everyone else is doing it they need to do it too else illiterate customers will think the product is inferior somehow. It's just like when people go to the market and if there is only 1 fruit left in the box nobody buys it because they think it's inferior.

Sometimes with All Antivirus they detect a infected link but they don't detect the virus it self yet so better to let the Antivirus detect and block infected links without download the virus and wait to see if the Antivirus will detect the file or not

 

It happen with me alot while testing Bitdefender and Kaspersky

[DKT27]

Topic marked as solved.

 

Question is, does encrypted sites, which most of them come with a valid certificate, really needs web filtering or anything like such.

[BALTAGY]

31 minutes ago, DKT27 said:

Topic marked as solved.

 

Question is, does encrypted sites, which most of them come with a valid certificate, really needs web filtering or anything like such.

What if the site have viruses and your Antivirus don't detect the virus it self but can detect the bad links, encrypting wont help in this

 

Note that any Antivirus can't protect you 100% so sometimes they block the links that contain the viruses but don't detect the virus it self

 

Also encrypting as i understand it means nothing between me and the server but that don't mean the server is clean, For example i can upload infected pic and give you an HTTPS link for it

 

I don't know how to explain what i mean more

[DKT27]

5 minutes ago, BALTAGY said:

What if the site have viruses and your Antivirus don't detect the virus it self but can detect the bad links, encrypting wont help in this

 

Note that any Antivirus can't protect you 100% so sometimes they block the links that contain the viruses but don't detect the virus it self

 

Also encrypting as i understand it means nothing between me and the server but that don't mean the server is clean, For example i can upload infected pic and give you an HTTPS link for it

 

I don't know how to explain what i mean more

 

I agree with you. While I'm up for correction, ESET web filtering is probably made for bad sites, while, in principal, bad sites do not get certificates for encryption. Does the web filtering work for individual files on the sites or the site as whole.

 

To add to that, ESET and other AVs, as mentioned above, are doing it badly.

 

Again, I agree with what you are saying, but here, until they fix it and improve how it works, I can be stopped I think.

[BALTAGY]

6 minutes ago, DKT27 said:

 

I agree with you. While I'm up for correction, ESET web filtering is probably made for bad sites, while, in principal, bad sites do not get certificates for encryption. Does the web filtering work for individual files on the sites or the site as whole.

 

To add to that, ESET and other AVs, as mentioned above, are doing it badly.

 

Again, I agree with what you are saying, but here, until they fix it and improve how it works, I can be stopped I think.

As i know web filtering will scan all files you open from the site for example if i browse nsane as HTTPS NOD32 will scan every link and every image i open while browsing

[truemate]

On 7/26/2016 at 11:46 PM, saeed_dc said:

 

You might wanna try a better software like Kaspersk internet security 2017  

 

here in this thread only its been said that even kaspersky have this prob of ssl filtering stuff....

 

 

On 7/27/2016 at 8:07 AM, LeetPirate said:

I know some people are OCD about this type of thing but nobody needs the ssl filter enabled, if there were a virus it can't execute while encrypted with ssl so what's the point? As soon as the browser decrypts the data and it turns out to be a virus the other scanners will detect it. Why compromise your security by breaking ssl to then pretend you are secure? 

If anyone cares to let common sense prevail feel free to read this article: http://www.securityweek.com/antivirus-software-has-negative-impact-https-security-researcher

Just because ESET is generally a good product does not mean every feature is worth using, that SSL scanning feature is hogwash, just marketing to advertise and not be left out because if everyone else is doing it they need to do it too else illiterate customers will think the product is inferior somehow. It's just like when people go to the market and if there is only 1 fruit left in the box nobody buys it because they think it's inferior.

 

"nobody needs the ssl filter enabled". ........aaah these words make me so relaxed

 

 

On 7/27/2016 at 10:47 PM, DKT27 said:

Topic marked as solved.

Question is, does encrypted sites, which most of them come with a valid certificate, really needs web filtering or anything like such.

 

yea solved.. i disabled ssl filtering

 

 

 

[truemate]

On 7/27/2016 at 11:29 PM, DKT27 said:

 

ESET web filtering is probably made for bad sites, while, in principal, bad sites do not get certificates for encryption. Does the web filtering work for individual files on the sites or the site as whole.

 

bad sites... google, speed baltagy blog are bad sites !

now even Microsoft updates site is not opening properly .. but in Firefox all these are ok (as SSL/TLS filtering is been stopped/ignore for ff browser.. see above attached pic>

 

 

On 7/27/2016 at 11:19 PM, BALTAGY said:

What if the site have viruses and your Antivirus don't detect the virus it self but can detect the bad links, encrypting wont help in this

Note that any Antivirus can't protect you 100% so sometimes they block the links that contain the viruses but don't detect the virus it self

 

Sometimes with All Antivirus they detect a infected link but they don't detect the virus it self yet so better to let the Antivirus detect and block infected links without download the virus and wait to see if the Antivirus will detect the file or not

 

Bro is your speed portable blog have some virus ?

as that site too blocked by my ESS9

 

Ok everyone.. if this ssl filtering is so much imp then why its been disabled in eset v8 ???

i use ess v8 from more then a year ,never face like these prob....  all this started after i update to ess v9

 

[BALTAGY]

5 hours ago, truemate said:

 

bad sites... google, speed baltagy blog are bad sites !

now even Microsoft updates site is not opening properly .. but in Firefox all these are ok (as SSL/TLS filtering is been stopped/ignore for ff browser.. see above attached pic>

 

 

 

Bro is your speed portable blog have some virus ?

as that site too blocked by my ESS9

 

 

 

Ok everyone.. if this ssl filtering is so much imp then why its been disabled in eset v8 ???

i use ess v8 from more then a year ,never face like these prob....  all this started after i update to ess v9

 

The sites that don't open with you that have HTTPS because you have a problem with SSL scan not because they are bad even my blog is HTTPS

 

Also you move on with technology before they didn't scan SSL but now all Antivirus do that unless you want to disable it, it's up to you

[truemate]

disable ssl scan...